Cybersecurity Specialist

Security Operations & Threat Management:

• Monitor and analyze security events, detect vulnerabilities, and respond to security incidents.
• Implement firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint protection.
• Perform penetration testing, vulnerability assessments, and security audits.
• Investigate security breaches and recommend remediation strategies.
• Assess and mitigate cyber risks to protect organizational data and systems.
• Ensure compliance with cybersecurity frameworks and standards such as ISO 27001, NIST, GDPR, and PCI DSS.
• Develop and enforce security policies, procedures, and best practices.
• Collaborate with legal and compliance teams to address regulatory requirements.

Infrastructure & Data Protection:

• Implement and manage encryption, access controls, and identity management solutions.
• Secure cloud environments (AWS, Azure, Ali Cloud or Google Cloud) and on-premises infrastructure.
• Oversee secure software development practices and ensure security in DevOps environments.
• Protect critical data from ransomware, phishing, and malware attacks.
• Develop and maintain an Incident Response Plan (IRP) to handle cybersecurity events.
• Conduct forensic analysis to determine attack vectors and mitigate future threats.
• Work with security information and event management (SIEM) systems for proactive threat detection.

Security Awareness & Training:

• Educate employees on cybersecurity best practices to prevent social engineering attacks.
• Conduct simulated phishing campaigns and security awareness training.
• Stay up to date with emerging cyber threats, trends, and technologies.

Desired Candidate Profile

Required Qualifications:

• Bachelor's degree in Cybersecurity, Computer Science, Information Security, or a related field.
• 4+ years of hands-on experience in cybersecurity, network security, or information security.
• Strong knowledge of firewalls, SIEM tools, IDS/IPS, and endpoint protection.
• Proficiency in penetration testing, ethical hacking, and forensic analysis.
• Experience securing cloud environments, databases, and APIs.
• Understanding of cyber threat intelligence and attack methodologies.
• Familiarity with security standards such as ISO 27001, NIST, SOC 2, GDPR, and PCI DSS.
• Hands-on experience with security assessments, including OWASP methodologies, web and mobile API security, Active Directory (AD) penetration testing, internal and external network penetration testing, cloud security, automated penetration testing, and Capture The Flag (CTF) challenges.
• Certifications like CISSP, CISM, CEH, OSCP, or CompTIA Security+ are a plus.

Preferred Skills:

• Knowledge of scripting languages (Python, Bash, PowerShell) for automation.
• Experience with security orchestration, automation, and response (SOAR) tools.
• Understanding of blockchain security, financial fraud prevention, or fintech security.
• Ability to work in high-pressure environments and respond to cyber threats in real time.